package com.example.demo.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

@EnableWebSecurity
@Configuration
public class SecurityConfig {
	@Bean
	SecurityFilterChain mySecurity(HttpSecurity security) throws Exception {
		security
			.csrf().disable()

			.cors().and()

			.authorizeRequests(requests ->
				requests.anyRequest().authenticated()
			)

			.httpBasic()
			.and()

			.formLogin()
			.and()

			.logout()
			.and()

			.sessionManagement()
			.and()


			.exceptionHandling(c -> {
			});
		return security.build();
	}

	/**
	 * 路由白名单设置
	 *
	 * @return security config
	 */
	@Bean
	WebSecurityCustomizer webSecurityCustomizer() {
		return (web) -> web
			.ignoring()
			.antMatchers(HttpMethod.OPTIONS, "/**")
			.antMatchers("/favicon.ico", "**/favicon.ico")
			.antMatchers("/actuator/**")
			.antMatchers("/static/**", "/resource/**", "/public/**","/assets/**")
			;
	}
}
